diff --git a/python/ql/test/experimental/dataflow/model-summaries/InlineTaintTest.ext.yml b/python/ql/test/experimental/dataflow/model-summaries/InlineTaintTest.ext.yml index e3a7e059401e..10fbd6df7448 100644 --- a/python/ql/test/experimental/dataflow/model-summaries/InlineTaintTest.ext.yml +++ b/python/ql/test/experimental/dataflow/model-summaries/InlineTaintTest.ext.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/python-all extensible: summaryModel data: - - ["foo", "Member[MS_identity]", "Argument[0]", "ReturnValue", "value"] + - ["foo", "Member[MS_identity]", "Argument[0,x:]", "ReturnValue", "value"] - ["foo", "Member[MS_apply_lambda]", "Argument[1]", "Argument[0].Parameter[0]", "value"] - ["foo", "Member[MS_apply_lambda]", "Argument[0].ReturnValue", "ReturnValue", "value"] - ["foo", "Member[MS_reversed]", "Argument[0].ListElement", "ReturnValue.ListElement", "value"] @@ -17,4 +17,5 @@ extensions: - ["foo", "Member[MS_append_to_list]", "Argument[1]", "ReturnValue", "taint"] - ["foo", "Member[MS_spread]", "Argument[0]", "ReturnValue.TupleElement[0]", "value"] - ["foo", "Member[MS_spread]", "Argument[1]", "ReturnValue.TupleElement[1]", "value"] + - ["foo", "Member[MS_spread_all]", "Argument[0]", "ReturnValue.TupleElement[0,1]", "value"] - ["json", "Member[MS_loads]", "Argument[0]", "ReturnValue", "taint"] diff --git a/python/ql/test/experimental/dataflow/model-summaries/NormalDataflowTest.ext.yml b/python/ql/test/experimental/dataflow/model-summaries/NormalDataflowTest.ext.yml index e3a7e059401e..10fbd6df7448 100644 --- a/python/ql/test/experimental/dataflow/model-summaries/NormalDataflowTest.ext.yml +++ b/python/ql/test/experimental/dataflow/model-summaries/NormalDataflowTest.ext.yml @@ -3,7 +3,7 @@ extensions: pack: codeql/python-all extensible: summaryModel data: - - ["foo", "Member[MS_identity]", "Argument[0]", "ReturnValue", "value"] + - ["foo", "Member[MS_identity]", "Argument[0,x:]", "ReturnValue", "value"] - ["foo", "Member[MS_apply_lambda]", "Argument[1]", "Argument[0].Parameter[0]", "value"] - ["foo", "Member[MS_apply_lambda]", "Argument[0].ReturnValue", "ReturnValue", "value"] - ["foo", "Member[MS_reversed]", "Argument[0].ListElement", "ReturnValue.ListElement", "value"] @@ -17,4 +17,5 @@ extensions: - ["foo", "Member[MS_append_to_list]", "Argument[1]", "ReturnValue", "taint"] - ["foo", "Member[MS_spread]", "Argument[0]", "ReturnValue.TupleElement[0]", "value"] - ["foo", "Member[MS_spread]", "Argument[1]", "ReturnValue.TupleElement[1]", "value"] + - ["foo", "Member[MS_spread_all]", "Argument[0]", "ReturnValue.TupleElement[0,1]", "value"] - ["json", "Member[MS_loads]", "Argument[0]", "ReturnValue", "taint"] diff --git a/python/ql/test/experimental/dataflow/model-summaries/model_summaries.py b/python/ql/test/experimental/dataflow/model-summaries/model_summaries.py index c8c5ac0a8882..17f831f6ed12 100644 --- a/python/ql/test/experimental/dataflow/model-summaries/model_summaries.py +++ b/python/ql/test/experimental/dataflow/model-summaries/model_summaries.py @@ -30,12 +30,16 @@ def SINK_F(x): ensure_tainted = ensure_not_tainted = print TAINTED_STRING = "TAINTED_STRING" -from foo import MS_identity, MS_apply_lambda, MS_reversed, MS_list_map, MS_append_to_list, MS_spread +from foo import MS_identity, MS_apply_lambda, MS_reversed, MS_list_map, MS_append_to_list, MS_spread, MS_spread_all # Simple summary via_identity = MS_identity(SOURCE) SINK(via_identity) # $ flow="SOURCE, l:-1 -> via_identity" +# Simple summary keyword +via_identity_kw = MS_identity(x = SOURCE) +SINK(via_identity_kw) # $ flow="SOURCE, l:-1 -> via_identity_kw" + # Lambda summary via_lambda = MS_apply_lambda(lambda x: [x], SOURCE) SINK(via_lambda[0]) # $ flow="SOURCE, l:-1 -> via_lambda[0]" @@ -114,6 +118,10 @@ def explicit_identity(x): SINK_F(x) SINK(y) # $ flow="SOURCE, l:-2 -> y" +a, b = MS_spread_all(SOURCE) +SINK(a) # $ flow="SOURCE, l:-1 -> a" +SINK(b) # $ flow="SOURCE, l:-2 -> b" + # Modeled flow-summary is not value preserving from json import MS_loads as json_loads